As enterprise IT infrastructures become more virtualized, cloud-based, and fast changing, traditional cyber security systems cannot adapt well to this trend since these systems are tied to static network identities and rely on stateful devices. One example is an IP based stateful firewall in a cloud. It will not perform as expected if any protected virtual machine has changed its IP address due to cloud operations.
The traditional approach to performing security configuration largely relies on manual work. In addition, since many security controls use assets' physical attributes in their configurations, when the assets' physical attribute changes, it often requires significant manual work to identify other assets and controls that are impacted by that change and to modify relevant configurations. When a new device is added to the network or an existing device is removed, it also may require significant manual changes to security control configurations.